Reading The Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World, Joseph Menn’s impressive account of one of the earliest and most influential hacking communities, is to be immersed in a world you thought you knew, but probably didn’t. Menn, a college classmate of mine and longtime cybersecurity reporter for Reuters, pulls off a difficult feat in the book. While telling the basic story of the group in detail, he pulls in relevant cultural, political, technological, ideological and economic contexts. He does so without ever getting boring or succumbing to the “hipper than thou” ethos that frequently characterizes writing about hacker culture. Hackers are interesting, but worshipping them is not a great way to understand what their work really meant.
The Cult of the Dead Cow began as a very modest dial-up bulletin board for isolated teenagers in Texas in the 1980s. In fascinating detail, Menn chronicles the obsessions of the age, including the use and abuse of phone companies. He pays homage to the “phone phreaks” who set the stage for the hackers of the 1980s and beyond. The book also reveals the connections between phone phreak/early hacking culture and the development of what we might think of as the entire consumer technology industry of today.
As the book describes, the group grew to include some of the most talented hackers of that generation. Over time, the group developed a method of approaching cybersecurity that they felt was fair and within an ethical framework they defined and adhered to. The release of the “Back Orifice” malware in the 1990s, which forced Microsoft to admit to, and then correct serious security flaws in Windows 95 and 98, was one of their most famous stunts.
Individual members of the group were involved in many of the most critical (and often classified) hacking exercises undertaken at the behest of the US government. The group was also a pioneer in “hacktivism,” helping political causes through cyber means. Menn is able to show how the group came to grips with the reality that hacktivism, while pure in motive for some, might be the malicious tools of unsavory entities—a difference that could be impossible to spot.
The media has focused on Beto O’Rourke’s membership in the group. Menn addresses this, but it’s not the main thrust of the book. The principal idea Menn seems to want to present is how groups of people with skills and ethics can come together and make a difference.
Menn is also not afraid to say out loud what a lot of people think: that cybersecurity problems today are at least partly the result of terrible business and engineering decisions made a generation ago. These decisions caused problems that still exist and have never truly been remediated due to corporate greed and excessive corporate influence on policymakers.